Cloud computing service providers provide hardware and software computing resources hosted in a remote location to users over a network, such as the Internet. Users are able to buy computing resources, such as storage and computing power, on demand. Use of such virtual computing resources can provide a number of advantages, including cost advantages and the ability to adapt to rapidly changing computing resource needs.
In a cloud computing arrangement, the cloud service provider is entrusted with user data, which may contain sensitive or valuable information. Such user data can be a favored target of data intruders who wish to obtain the data for illicit or illegal purposes. So, data and network security are of great importance in a cloud environment.
Although service providers are vigilant about security issues, some problems can still arise. For example, a system may adhere to best practices to avoid security problems when initially deployed. However, over time, the system may drift from its original configuration due to maintenance, testing, or the like. Unfortunately, the introduction of artifacts and subtle changes in the system can leave security holes that allow an attacker to compromise the system or gain information to assist in an attack.
Thus, there is a need for technologies to address such security issues.